示例#1
文件: gitlab.go 项目: Ablu/drone
// Teams fetches every GitLab group returned for the given user and maps each
// one to a model.Team whose Login is the group's Name.
//
// The lookup is made with the user's own token (u.Token) against g.URL, so
// the result reflects what that token is allowed to see. g.SkipVerify is
// forwarded to NewClient; presumably it disables TLS certificate
// verification there (confirm in NewClient), in which case the bearer token
// is sent to a peer whose identity has not been checked.
//
// On failure the error from AllGroups is returned unchanged with a nil slice.
// When there are no groups the returned slice is nil, not empty.
func (g *Gitlab) Teams(u *model.User) ([]*model.Team, error) {
	groups, err := NewClient(g.URL, u.Token, g.SkipVerify).AllGroups()
	if err != nil {
		return nil, err
	}

	// Left as a nil slice on purpose: callers that serialize the result see
	// the same value as before when the user has no groups.
	var teams []*model.Team
	for _, grp := range groups {
		team := &model.Team{Login: grp.Name}
		teams = append(teams, team)
	}
	return teams, nil
}
示例#2
// Login runs the GitLab OAuth2 authorization-code flow for the incoming
// request and returns the remote user details.
//
// Flow:
//   - No "code" form value: the browser is redirected to GitLab's authorize
//     endpoint and (nil, false, nil) is returned.
//   - With a "code": it is exchanged for a token, the current GitLab user is
//     fetched with that token, and, when g.AllowedOrgs is non-empty, the user
//     must belong to at least one group whose Path equals an allowed entry
//     (exact, case-sensitive comparison).
//
// The returned bool is g.Open. The returned User carries the OAuth access
// token in Token and the refresh token in Secret, so whatever persists or
// logs this record is handling live credentials.
//
// Security notes for reviewers:
//   - The OAuth "state" value is the constant "drone" and the callback branch
//     never reads or compares it, so the flow has no CSRF binding between the
//     redirect and the returning request. A per-session random state that is
//     verified on return would close that gap.
//   - When g.SkipVerify is true the token exchange runs with TLS certificate
//     verification disabled; the client secret, the authorization code and
//     the issued tokens then travel to an unverified peer.
//   - RedirectURL is built from httputil.GetURL(req). NOTE(review): if that
//     helper derives the origin from request headers, the registered
//     redirect URI on the GitLab application is what pins it; confirm.
func (g *Gitlab) Login(res http.ResponseWriter, req *http.Request) (*model.User, bool, error) {
	config := &oauth2.Config{
		ClientId:     g.Client,
		ClientSecret: g.Secret,
		Scope:        DefaultScope,
		AuthURL:      fmt.Sprintf("%s/oauth/authorize", g.URL),
		TokenURL:     fmt.Sprintf("%s/oauth/token", g.URL),
		RedirectURL:  fmt.Sprintf("%s/authorize", httputil.GetURL(req)),
	}

	// First leg: no authorization code yet, so send the browser to GitLab.
	// The state argument is a fixed string and is not checked on return.
	code := req.FormValue("code")
	if code == "" {
		http.Redirect(res, req, config.AuthCodeURL("drone"), http.StatusSeeOther)
		return nil, false, nil
	}

	// Second leg: trade the code for tokens. Certificate verification on
	// this connection follows g.SkipVerify.
	exchanger := &oauth2.Transport{
		Config: config,
		Transport: &http.Transport{
			Proxy:           http.ProxyFromEnvironment,
			TLSClientConfig: &tls.Config{InsecureSkipVerify: g.SkipVerify},
		},
	}
	tok, err := exchanger.Exchange(code)
	if err != nil {
		return nil, false, fmt.Errorf("Error exchanging token. %s", err)
	}

	client := NewClient(g.URL, tok.AccessToken, g.SkipVerify)
	login, err := client.CurrentUser()
	if err != nil {
		return nil, false, err
	}

	// Group allow-list: enforced only when at least one org is configured.
	// An empty g.AllowedOrgs admits every GitLab account that completes OAuth.
	if len(g.AllowedOrgs) != 0 {
		groups, err := client.AllGroups()
		if err != nil {
			return nil, false, fmt.Errorf("Could not check org membership. %s", err)
		}

		allowed := false
	search:
		for _, grp := range groups {
			for _, org := range g.AllowedOrgs {
				if grp.Path == org {
					allowed = true
					break search
				}
			}
		}

		if !allowed {
			// NOTE(review): this message includes the configured allow-list;
			// check where the error is rendered before exposing it to users.
			return nil, false, fmt.Errorf("User does not belong to correct group. Must belong to %v", g.AllowedOrgs)
		}
	}

	user := &model.User{
		Login:  login.Username,
		Email:  login.Email,
		Token:  tok.AccessToken,
		Secret: tok.RefreshToken,
	}

	// Avatar values that do not start with "http" are treated as paths
	// relative to the GitLab base URL.
	user.Avatar = login.AvatarUrl
	if !strings.HasPrefix(login.AvatarUrl, "http") {
		user.Avatar = g.URL + "/" + login.AvatarUrl
	}

	return user, g.Open, nil
}